Enterprise Security Engineer III, Vulnerability Management

18 days ago

Denver, CO, USAMid Level / Senior

Base Salary

$115k - $165k/yr

Responsibilities

Operate and maintain vulnerability scanning infrastructure across cloud, on-prem, and endpoint environments.
Execute regular vulnerability scans and manage scan schedules, policies, and agent deployments.
Triage and prioritize vulnerability findings based on exploitability, asset criticality, and business context.
Track remediation efforts across teams, monitor SLA adherence, and escalate aging vulnerabilities.
Partner with IT, DevOps, and engineering teams to coordinate patching and remediation activities.
Maintain accurate asset inventory and ensure scanning coverage across all environments.
Develop and maintain vulnerability management dashboards, metrics, and reporting for stakeholders and leadership.
Contribute to the development of vulnerability management policies, standards, and procedures.
Support compliance efforts by providing vulnerability data and evidence for audits and framework assessments.
Monitor threat intelligence feeds and vendor advisories to identify emerging vulnerabilities.
Assist with ad hoc security assessments and penetration testing coordination as needed.
Stay updated with the latest vulnerability trends, exploitation techniques, and remediation best practices.

Minimum of 4 years of experience in information security or a related technical field, with exposure to vulnerability management.
Hands-on experience with vulnerability scanning tools such as Tenable, Qualys, Rapid7, or similar platforms.
Understanding of CVE scoring (CVSS), vulnerability prioritization frameworks, and risk-based remediation approaches.
Familiarity with patch management processes across Windows, Linux, Mac, and cloud environments.
Solid technical understanding of networking, operating systems, and common enterprise technologies.
Experience producing security metrics and reporting for technical and non-technical audiences.
Strong organizational skills with the ability to track and drive multiple remediation efforts simultaneously.
Strong analytical, problem-solving, and communication skills.
Ability to work both independently and collaboratively in a fast-paced environment.
Relevant certifications such as Security+, GSEC, CEH, or equivalents are a plus.

Competitive salary.
Opportunity to work on challenging, mission-critical security initiatives.
Professional development and certification support.
Collaborative culture with experienced security professionals.
Equity + Benefits including Health, Dental, Vision, HRA/HSA options, PTO and paid holidays, 401K, Parental Leave.

AWSAzureGoogle Cloud